reCAPTCHA v3

  • Resolved infomed

    (@infomed)


    1 year ago

    HI there,

    I am seeking some help on using reCAPTCHA within WF. We were getting a lot of spam/bot registartions on our site. We do need the option for anyone to register switched on as many customers have a membership added automatically once they have paid.

    The solution to this was to enable reCAPTCHA?v3 in WF. It did the trick. No more bots!

    However, for lots of people logging in, including myself on my non-admin account – I/they would enter their details on our nice custom looking login page, hit login and then be taken to the standard wordpress login credentials page [wp-login.php] where it would say the user had “invalid credentials” .

    They would reeive an email with “Login Verification Required”. I had the criteria set to 0.3. 70% of loggins were graded 0.9 and the rest were 0.0.

    In my case I could just hit login again and I would be logged in successfully. I think though, it may have caused many to reset their passwords unecessarily.

    I wrote here because, I started using a plugin called LearnDash for online classes. It has an option for its own login page/password reset, which we would like to use, however, the WF reCAPTCHA? casues it to also say “Invalid username or password. Please try again”.

    This is not correct of course and pressing login again does not work. They do have to verify by using the link in the email.

    I would like to solve this as we do need reCAPTCHA?enabled to prevent the bots but I need to make it as seemless as possible for my customers. We have about 30-40 genuine users a day getting this problem and subsequent email.

    Thanks,
    Jack

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfmark

    (@wfmark)

    Hi @infomed, Thank you for reaching out to us.

    Any “Verification Required” messages and emails are related to the message Google will send back when the user fails to be confirmed as human by reCAPTCHA checks.

    We don’t receive inside information from Google about why a human may sometimes receive a low enough score to always require verification. The “reCAPTCHA human/bot threshold score” setting in Wordfence > Login Security > Settings is set to 0.5 by default. I recommend using the “Run reCAPTCHA in test mode” option for a short time to see what sort of scores you  get.

    Please note that our 2FA and reCAPTCHA features are only supported for the default WordPress/WooCommerce login and registration pages and may not work on custom versions of these pages created manually or by other plugins/themes. This explains why you have issues on your custom login page created by LearnDash.

    We have plans to expand our compatibility in the future, although we cannot commit to timelines here on forums.

    Thanks,

    Mark.

    Thread Starter infomed

    (@infomed)

    Thank you Mark. Appreciate the reply. Yes, i think there was a conflict.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘reCAPTCHA v3’ is closed to new replies.